System Analyst | Digital Compliance & Monitoring (Security Compliance & Audit Management)

JOB SUMMARY

Support the development, enhancement, and maintenance of systems, automation, and analytics used by the Digital Compliance & Monitoring Unit to ensure effective, accurate, and continuous technical compliance monitoring across the organization.

JOB RESPONSIBILITIES

1. Compliance Systems & Automation

• Develop, maintain, and enhance scripts or automation for technical compliance checks.
• Conduct system requirements analysis to support digital compliance initiatives and propose system improvements.
• Troubleshoot system issues related to compliance tools, automation, and data ingestion.

2. Compliance Monitoring Operations

• Perform scheduled technical compliance checks in accordance with established frameworks and standards.
• Collect, validate, and verify compliance evidence to ensure accuracy and integrity of information.
• Track exceptions and follow up with system owners on remediation activities.

3. Data Analysis & Reporting

• Produce accurate compliance reports, including dashboards, trend analysis, and exception summaries.
• Provide technical input and insights to management for risk monitoring and control effectiveness assessments.
• Maintain structured documentation for audit and reporting purposes.

4. Risk & Control Management

• Identify compliance gaps through system analysis and digital log reviews.
• Support remediation planning by collaborating with system owners and technical teams.
• Assist in evaluating the effectiveness of existing controls and proposing enhancements.

5. Documentation & Standards Alignment

• Prepare and continuously update technical documentation, SOPs, and compliance checklists.
• Ensure alignment with regulatory and industry standards such as:
• Cyber Security Act 2024
• PDPA 2024
• BNM RMiT / CRMA
• NIST, COBIT 2019, CIS Controls
• ISO27001

6. Audit & Certification Support

• Provide data, evidence, and technical analysis to support internal/external audits and certification activities (e.g., ISO27001).
• Address audit queries by supplying required technical information promptly and accurately.

7. Stakeholder Coordination

• Liaise with application owners, infrastructure teams, cybersecurity teams, and other stakeholders to resolve compliance issues.
• Support initiatives to raise compliance awareness and improve compliance posture across the organization.

JOB REQUIREMENTS

• Malaysian Citizen
• Pass Malay Language, including the oral test, at the Sijil Pelajaran Malaysia (SPM) level or an equivalent qualification recognised by the Government
• Possess a Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, or equivalent from a recognized institution.
• Minimum 4 - 7 years of experience in system analysis, technical monitoring, IT audit, or IT compliance.
• Technical knowledge in: a) Operating systems (Windows/Linux); b) Active Directory, databases, and basic networking; and c) Scripting (PowerShell and Python)
• Understanding of regulatory and compliance frameworks: Cyber Security Act 2024, PDPA, NIST, RMiT, COBIT 2019, CIS Controls, ISO27001.
• Strong analytical, problem-solving, and documentation skills.
• Certifications such as ISO27001 Internal Auditor, Security+, or foundation-level CISA are an advantage.

PLACEMENT

Security Compliance & Audit Management Section, Digital Security Department

JOB STATUS

Permanent

All applications are strictly CONFIDENTIAL, and only shortlisted candidates will be called for an interview. Applications are deemed UNSUCCESSFUL if there is no feedback from the EPF within 2 MONTHS after the closing date of the advertisement.